1
Fork 0

Several changes

~Use TLS properly
+Generate author IDs from Salted IPs
~Change port
+Add start script
This commit is contained in:
Tobias Berger 2022-01-08 17:17:43 +01:00
parent 4c2da330d1
commit 7bf4baa921
3 changed files with 81 additions and 22 deletions

1
.gitignore vendored
View file

@ -4,3 +4,4 @@
.rollup.cache .rollup.cache
tsconfig.tsbuildinfo tsconfig.tsbuildinfo
node_modules node_modules
*.pem

View file

@ -2,11 +2,13 @@
"name": "web-drs-backend", "name": "web-drs-backend",
"version": "1.0.0", "version": "1.0.0",
"description": "", "description": "",
"main": "server.js", "main": "server.node.bundle.js",
"directories": { "directories": {
"lib": "lib" "lib": "lib"
}, },
"scripts": { "scripts": {
"dev": "yarn build && yarn start",
"start": "node server.node.bundle.js",
"build": "rollup --config ./rollup.config.js" "build": "rollup --config ./rollup.config.js"
}, },
"repository": { "repository": {

View file

@ -1,39 +1,87 @@
import * as fs from "fs";
import * as https from "https";
import { WebSocketServer } from "ws"; import { WebSocketServer } from "ws";
import * as crypto from "crypto";
import type { AckMessage, TextMessage } from "./lib/ServerMessage";
import { import {
isServerMessage, isServerMessage,
isTextMessage, isTextMessage,
MessageType, MessageType,
} from "./lib/types/ServerMessage"; } from "./lib/ServerMessage";
const port = 8989; const SALT = crypto
.randomBytes(Math.round(Math.random() * 1024))
.toString("hex");
const port = 8085;
const timeout = 15000; const timeout = 15000;
const server = new WebSocketServer({port}); const httpsServer = https.createServer({
key: fs.readFileSync("./key.pem"),
cert: fs.readFileSync("./cert.pem"),
});
const webSocketServer = new WebSocketServer({ server: httpsServer });
console.log("listening on port: " + port); console.log("listening on port: " + port);
server.on("connection", function connection(socket) { function hash(str: string) {
function close() { return crypto.createHash("SHAKE256").update(str, "utf-8").digest("hex");
socket.send("closing connection due to inactivity"); }
socket.close();
async function handleTextMessage(message: TextMessage, from: string) {
for (const to of webSocketServer.clients) {
to.send(
JSON.stringify(
Object.assign({}, message, {
author: from,
})
)
);
}
}
webSocketServer.on("connection", function connection(socket, request) {
const close = (reason: string, code: number = 1000) => {
socket.send(
JSON.stringify({
type: MessageType.ACK,
date: Date.now(),
__ctx: `closing connection. reason: ${reason}`,
} as AckMessage)
);
socket.close(code, `closing connection. reason: ${reason}`);
};
let authorID: string;
{
let ip: string | undefined;
if (request.headers["x-forwarded-for"] !== undefined) {
const forwardedFor = request.headers["x-forwarded-for"];
ip =
typeof forwardedFor === "string"
? forwardedFor.split(",")[0]?.trim()
: forwardedFor[0];
} else {
ip = request.socket.remoteAddress;
}
if (ip === undefined) {
close("could not generate author id", 1008);
console.error("connection without IP. closing.");
return;
}
authorID = hash(ip + SALT);
} }
socket.on("message", function (rawMessage: string) { socket.on("message", function (rawMessage: string) {
console.log("message: " + rawMessage);
const message = JSON.parse(rawMessage); const message = JSON.parse(rawMessage);
if (!isServerMessage(message)) { if (!isServerMessage(message)) {
console.error(`Unexpected message received from client \`${message}\``); console.error(`Unexpected message received from client \`${message}\``);
} }
if (isTextMessage(message)) { if (isTextMessage(message)) {
socket.send( handleTextMessage(message, authorID);
JSON.stringify({
type: MessageType.TEXT,
date: Date.now(),
author: "ECHO Service",
content: message.content,
}),
);
} }
clearTimeout(closeTimeout); clearTimeout(closeTimeout);
closeTimeout = setTimeout(close, timeout); closeTimeout = setTimeout(close, timeout);
@ -42,7 +90,15 @@ server.on("connection", function connection(socket) {
console.log("closed a connection"); console.log("closed a connection");
}); });
console.log("new client connected!"); console.log("new client connected! ID:", authorID);
socket.send("connected"); socket.send(
JSON.stringify({
type: MessageType.ACK,
date: Date.now(),
__ctx: "connected successfully",
} as AckMessage)
);
let closeTimeout = setTimeout(close, timeout); let closeTimeout = setTimeout(close, timeout);
}); });
httpsServer.listen(port);